WordPress is a powerful platform, but it can become vulnerable if not properly secured. With cPFence, you can safeguard your WordPress installations against malware, unauthorized changes, and other security threats. This guide explains how to use cPFence’s WordPress Integrity Check and related tools to enhance the security of your sites.
WordPress Integrity Check
The WordPress Integrity Check feature in cPFence is designed to detect unauthorized changes, unexpected files, or checksum mismatches in WordPress core files. It ensures that your websites are protected against potential malicious activity.
Easy-to-Use CLI Commands
cPFence provides simple CLI commands to manage the WordPress Integrity Check feature. Here are the key commands:
- Enable WordPress Integrity Check: Safeguard your WordPress sites by enabling this feature. (Recommended)
cpfence --enable-integrity-check - Disable WordPress Integrity Check: Turn off the integrity check if not required.
cpfence --disable-integrity-check - Enable Automatic File Quarantine: Automatically move unexpected files to quarantine for review.
cpfence --enable-auto-file-action - Disable Automatic File Quarantine: Turn off automatic quarantine for detected files.
cpfence --disable-auto-file-action - Set Integrity Check Frequency: Choose how often the integrity check runs. Options are
dailyorhourly.
cpfence --set-check-frequency [daily|hourly]
Excluding Trusted Websites or Files
To fine-tune the Integrity Check, you can exclude specific websites or files:
- Exclude Specific Websites:
Add the paths of websites to be excluded in the file:
/opt/cpfence/user-config/cpfowl/exclude_integrity_check_sites.txt - Exclude Specific Files:
Add filenames to be excluded from detection or quarantine in the file:
/opt/cpfence/user-config/cpfowl/exclude_integrity_check_files.txt
Example Configurations
- Enable Integrity Check with automatic file quarantine and daily checks:
cpfence --enable-integrity-check cpfence --enable-auto-file-action cpfence --set-check-frequency daily - Disable Integrity Check entirely:
cpfence --disable-integrity-check
Best Practices for Securing WordPress
In addition to enabling the Integrity Check, follow these tips for optimal security:
- Keep WordPress core, themes, and plugins up to date.
- Use strong passwords and enable two-factor authentication (2FA).
- Install a reputable WordPress security plugin, such as Wordfence, for extra protection.
- Remove unused or outdated plugins and themes.
- Regularly back up your website files and databases.
Secure Your WordPress Sites with cPFence Bulk Security Features
Cleaning an infected WordPress site is just one part of securing your server. To prevent future attacks and strengthen your server’s defenses, cPFence now offers a suite of bulk security features designed specifically for WordPress. These tools enable you to apply critical security measures across all your sites with just a few commands.
Key Features:
- Disable XML-RPC: Block XML-RPC attacks server-wide with a 403 response using
cpfence --bulk-disable-wp-xmlrpc. - Limit Login Attempts: Protect wp-login from brute force attacks by limiting login attempts to 5 in 5 minutes.
- Set Secure Permissions: Fix insecure file and folder permissions server-wide automatically.
- Apply WordPress Hardening: Secure uploads, wp-config, and wp-includes with one command.
- Manage Auto-Updates: Enable or disable automatic updates for WordPress core, plugins, and themes.
To learn more about these features and how to use them, visit our comprehensive guide: How to Use Bulk WordPress Security Features in cPFence.
Need Further Assistance?
If you encounter any issues or need additional help, feel free to reach out to our support team via your client portal.
